DDoS

Note: this entry is a work in progress

About

Distributed Denial of Service (DDoS) is a method of cyberattack that usually involves temporarily blocking access to a website or server by flooding the bandwidth of a targeted network. The most common methods of DDoS include exploiting unprotected server networks, sending massive requests or opening multiple connections with the server.

Origin

The first publicly available DDoS tools Trinoo and Tribe Flood Network were released in 1997 and 1998 respectively.^[8] The first well-documented DDoS attack took place in August 1999, which targeted a single University of Minnesota computer and knocked the system offline for more than two days. DDoS came grabbed public’s attention months later in February 2000, after a number of high profile search portals and e-commerce sites were taken offline for hours, including Yahoo!, Amazon, Buy.com, CNN, eBay, E*Trade and ZDNet. In addition, several companies reported significant losses due to the downtime, with Yahoo! losing about $500,000 and costing Amazon nearly $600,000.^[7]

Spread

According to The Next Web’s timeline of DDoS attacks^[6], most notable attempts in the first half of the 2000s were made by individuals using botnets and software programs. In 2001, Register.com came under a severe attack using tens of thousands of DNS records from around the world that lasted for an entire week.^[9] In October 2002, all 13 Domain Name System root nameservers were targeted by a DDoS attack, which lasted for approximately one hour. In 2003, eBay was taken offline by a DDoS attack involving 20,000 computers, causing damage of at least $5,000.^[10]

Beginning in the mid-2000s, DDoS tools became widely adopted by hackers, activists and even criminals for personal gains, leading to the creation of cyberattack task forces in law enforcement agences. In 2007, several government websites of Estonia were brought down by DDoS attacks originating from Russia, which further added to the diplomatic tension between the two countries building up at the time. The following year, Russian hackers and criminal were once again linked to similar attacks against websites of Georgian, Azerbaijani and Russian governments in the news. In 2009, a crowdsourced, PHP-scripted DDoS attack took down several pro-Ahmadinejad websites during the protests of 2009 Iranian election, demonstrating its potential use in political activism.^[6]

Operation Payback

Operation Payback is a series of DDoS attacks organized by members of Anonymous against a number of major entertainment websites including Recording Industry Association of America and the Motion Picture Association of America. The attacks began September 19th, 2010 and continued unabated for over a month.

Operation Avenge Assange

Operation Avenge Assange is a series of DDos assaults led by Anonymous against Paypal, Visa and MasterCard’s websites in denouncing their decision to suspend all transactions with WikiLeaks following the "2010 U.S. diplomatic cable leak":knowyourmeme.com/memes/events/us-diplomatic-cables-leak-cablegate. Some of the other targeted sites included Amazon, Swiss Postal Finance as well as a number of U.S. government websites and various cybersecurity contractor firms.

Lulzsec

Lulzsec (Lulz Security) is a hacking collective that carried out a series of DDoS and other hacking attacks against commercial and government websites between May and June 2011. Some of the most notable targets included Sony Pictures’ internal database, Central Intelligence Agency website and Federal Bureau of Investigation’s contractor InfraGard.

Operation Antisec

Operation Antisec is an international hacktivist campaign launched by a coalition of Anonymous hackers including former members of Lulzsec. The operation officially began on June 20th, 2011 with DDoS attacks against UK’s Serious Organized Crime Agency (SOCA) and persisted for months targeting high-profile websites in private business, government and even military sectors.